weird authenticated user question - GoFuckYourself.com

dj1 · 04-14-2012, 01:07 PM

so I was checking my stats and in the authenticated user section(the part where I can see which members visited my site) I found 5 visitors with user names like
"@^Y@*@~q|wpmymzz2()2|pq{jvk@-1/&@lvo)&1,.1(.1-+(@./*"

any idea as to what that is?
Thanks for any info

BIGTYMER · 04-15-2012, 06:03 AM

You find that in your htpasswd file?

It looks like encrypted user info to me.

freecartoonporn · 04-15-2012, 06:37 AM

prolly sql injection.

Kelli58 · 04-16-2012, 01:56 AM

Quote:

Originally Posted by freecartoonporn

prolly sql injection.

That is what I was thinking. Might want to look into any security holes in PHP scripts you are using on your website.

raymor · 04-16-2012, 06:31 AM

Although it looks similar to injection, those symbols are neither PHP nor SQL, so on close inspection it doesn't appear to actually be injection. It's also not any of the dozen or so encryption / hash algorithms I recognize, neither is it a DIY encryption based on known primitives. It might be helpful to check the actual logs.

04-14-2012, 01:07 PM	#1
dj1 Registered User Industry Role: Join Date: Sep 2011 Posts: 66	weird authenticated user question so I was checking my stats and in the authenticated user section(the part where I can see which members visited my site) I found 5 visitors with user names like "@^Y@@~q\|wpmymzz2()2\|pq{jvk@-1/&@lvo)&1,.1(.1-+(@./" any idea as to what that is? Thanks for any info __________________ Adult Entertainment for Gamers

04-15-2012, 06:37 AM	#3
freecartoonporn Confirmed User Industry Role: Join Date: Jan 2012 Location: NC Posts: 7,683	prolly sql injection. __________________ SSD Cloud Server, VPS Server, Simple Cloud Hosting \| DigitalOcean

04-16-2012, 06:31 AM	#5
raymor Confirmed User Join Date: Oct 2002 Posts: 3,745	Although it looks similar to injection, those symbols are neither PHP nor SQL, so on close inspection it doesn't appear to actually be injection. It's also not any of the dozen or so encryption / hash algorithms I recognize, neither is it a DIY encryption based on known primitives. It might be helpful to check the actual logs. __________________ For historical display only. This information is not current: support@bettercgi.com ICQ 7208627 Strongbox - The next generation in site security Throttlebox - The next generation in bandwidth control Clonebox - Backup and disaster recovery on steroids

04-15-2012, 06:03 AM	#2
BIGTYMER Junior Achiever Industry Role: Join Date: Nov 2004 Location: Walled Garden Posts: 17,066	You find that in your htpasswd file? It looks like encrypted user info to me.